A cookie is a small file of letters and numbers stored in the browser or on the hard drive of the user’s computer. Cookies track a visitor’s login information or save orders in a shopping cart, so your visitors have a more personalised browsing experience when they return.
The four broad categories are:
Strictly necessary cookies are cookies that are required for the operation of your website. They include, for example, cookies that enable the user to log into secure areas of your website, use a shopping cart, or make use of e-billing services.
Analytical/performance cookies allow you to recognise and count the number of visitors and to see how visitors move around your website when they are using it. This helps you to improve the way your website works, for example by ensuring that users are finding what they are looking for easily.
Functionality cookies are used to recognise the user when the user returns to your website. This enables you to personalise your content for the user, greet the user by name, and remember the user’s preferences (for example the user’s choice of language or region).
Targeting cookies are cookies that record the user’s visit to your website, the pages the user has visited, and the links the user has followed.
2) You want to use personal data for direct marketing, statistical analysis, or any other secondary purpose(s).
➤ Example member registration form from http://www.ecrent.com/. Do you collect personal data for marketing purposes?
3) You store data in the cloud – maybe in Google Drive, Shopify, or another third-party app.
Storing credit card information requires extra care. In fact, you probably need a specialised third-party app to do it legally, one which is PCI (Payment Card Industry) compliant. Common e-commerce apps, such as Shopify, are PCI compliant.
It is also important that you consider the guidelines provided in your country for dealing with outages or breaches. Singapore, for example, introduced new cloud outage incident response (COIR) guidelines that require businesses to employ reasonable security arrangements to protect personal data in their possession or under their control from unauthorised access, collection, use, disclosure, copying, modification or disposal. Failure to comply can result in fines of up to SGD $1 million.
This guest article is brought to you by Shermin Oh from Dragon Law and edited by Easyship.